Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update island.is certificate and checks #6

Merged
merged 1 commit into from
Jul 3, 2021
Merged

Update island.is certificate and checks #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 32 additions & 0 deletions cert/FullgiltAudkenni.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
-----BEGIN CERTIFICATE-----
MIIFfDCCA2SgAwIBAgICAyQwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCSVMx
EzARBgNVBAUTCjU1MDE2OTI4MjkxGjAYBgNVBAoTEUZqYXJtYWxhcmFkdW5leXRp
MRYwFAYDVQQLEw1Sb3RhcnNraWxyaWtpMRMwEQYDVQQDEwpJc2xhbmRzcm90MB4X
DTE3MTExNjEzMjgzM1oXDTMyMTExNjEzMjgzM1owfjELMAkGA1UEBhMCSVMxEzAR
BgNVBAUTCjUyMTAwMDI3OTAxFTATBgNVBAoTDEF1ZGtlbm5pIGhmLjEnMCUGA1UE
CxMeVXRnZWZhbmRpIGZ1bGxnaWxkcmEgc2tpbHJpa2phMRowGAYDVQQDExFGdWxs
Z2lsdCBhdWRrZW5uaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMyn
5tktN9C5QTrErtjS5YM+0k29pTy5a8TYl56Ma70OJT6aO17z5NsPjwSnTswlEZ34
+zjzZm5MVxi8/fQpbDZlE/4N4YZlYBD1rm8AZB3mJUyPVNYQpTirnWPAIXUjYD0B
25K7NU6V7MTibr5Z0VRgljvSbaKut4Y2ld3bx6Kmzc4pHKLU2hjbK+BSrPTbKuLH
8Xae9WP6O2Zxd2d3elDUmh+0uhFexf3DuBNxvp4ildmISdDG2x538i+jBOUyv9GX
wwbPGadt2FIdI15xgC0Y4L/AC8snfjEMcwH0xuaqdmAA/iOSWiprgTLQUmcnQQyT
6lpM21Ai/EaqDvT1AWkCAwEAAaOCARUwggERMBIGA1UdEwEB/wQIMAYBAf8CAQAw
agYDVR0gBGMwYTBfBgdggmABAQEBMFQwLQYIKwYBBQUHAgIwIRofSW50ZXJtZWRp
YXRlIENlcnRpZmljYXRlIFBvbGljeTAjBggrBgEFBQcCARYXaHR0cDovL2NwLmlz
bGFuZHNyb3QuaXMwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFGV8Ul8MuWrF
0jBaAr2g+4BAsh66MD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jcmwuaXNsYW5k
c3JvdC5pcy9pc2xhbmRzcm90L2xhdGVzdC5jcmwwHQYDVR0OBBYEFMIpPob/hsTa
NR9ppqT/AYM8SjOpMA0GCSqGSIb3DQEBCwUAA4ICAQBOBaAGxLPntnC3fVeHeQsD
13AT2a3+Ry9R3AFP063Cwnc4+SYlCt+LSPa2wTCcDXAjvPgaxjRrTuTF1sCfj1uu
8GVMeo7e6suYggf2PLxsKWjaGOJhUtZnNC1rh2mt4TVYTR2D0AHYju0nNjzZlXU3
1Ea//HDCQkV9+sSINTTrFL0Y5kB05WyVBXLHSTl/bKY8ULik2JImofrF+nI7GifH
CMLFkCOkAUDsI3Fd0Fh7v3NguxpOM4sov2jowMZzxqkS9B8B0qRO41h6spuLvsNS
tnFZHIbTrMaINUm9X6C49lr0fpRri4UNQa2prMgNsK9dwsYurlMga1WpO6fwkzU3
mLYjitUxV9iYJ1VWj2jhJt0ofDsB4xLCVu8n0gekde09P5EdWzLvXD03PLtkEiGt
HElpluMFYaFjHhofYhai3u5eLVFTcNkEcyZO470EZTZ123dP3JQpSBKFjH7Z5CSS
wgvFB/zOOdnEDS49Iidetk5y2D8Pg2NB4qGJcmkit9Zjv2cOj9b5gKu7XMzkja9v
MahgfOrAKZJS7nrxr6NNR4rTMw8Rb9nvkS2sGk9ZGnbMLM+j84LDpT0rFMLNkegD
FVob63pewil6mH43mVOLq6tyYMiU7mgzYcui1rGnhtLiSqpI6L1UaQ2IqT4PJGdX
PIeO6oWVJpZaF7hWABD7sw==
-----END CERTIFICATE-----
36 changes: 0 additions & 36 deletions cert/TrausturBunadur.pem
View file
Open in desktop

This file was deleted.

14 changes: 7 additions & 7 deletions src/validateSignature.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ function isCertificateDataValid(cert) {
const { organizationName } = cert.issuer;
const { validFrom, validTo } = cert;

if (serialName !== "6503760649" || organizationName !== "Audkenni ehf.") {
if (serialName !== "6503760649" || organizationName !== "Audkenni hf.") {
return false;
}

Expand Down Expand Up @@ -62,17 +62,17 @@ function checkSignature(doc, pem, xml) {

function isCertificateValid(certificate) {
// Reference: https://www.audkenni.is/adstod/skilriki-kortum/skilrikjakedjur/
const TrausturBunadur = Certificate.fromPEM(
readFileSync(path.resolve(__dirname, "../cert/TrausturBunadur.pem"))
const certFromPem = Certificate.fromPEM(
readFileSync(path.resolve(__dirname, "../cert/FullgiltAudkenni.pem"))
);

// we only need to verify TrausturBunadur cert because that is the cert used
// we only need to verify the authority cert because that is the cert used
// to sign the message from Island.is
if (
TrausturBunadur.verifySubjectKeyIdentifier() &&
certFromPem.verifySubjectKeyIdentifier() &&
certificate.verifySubjectKeyIdentifier() &&
TrausturBunadur.checkSignature(certificate) === null &&
certificate.isIssuer(TrausturBunadur)
certFromPem.checkSignature(certificate) === null &&
certificate.isIssuer(certFromPem)
) {
return true;
}
Expand Down